Good AV for Linux

Discussion in 'other anti-virus software' started by Albinoni, Jan 18, 2006.

Thread Status:
Not open for further replies.
Page 2 of 2
  1. ASpace

    ASpace Guest



    I'll second that :

    Free AV for Linux => F-prot
    Paid AV for Linux => NOD32

    It doesn't hurt to have AV while using Linux just for more protection ;)
     
    ASpace, Jul 16, 2006
    #26
  2. Firecat

    Firecat Registered Member

    Joined:
    Jan 2, 2005
    Posts:
    8,251
    Location:
    The land of no identity :D
    F-Prot for Linux is actually very good. The new and improved v4 engine will be out soon which will considerably improve detection rates of an already great product. ;)
     
    Firecat, Jul 16, 2006
    #27
  3. bktII

    bktII Registered Member

    Joined:
    Apr 12, 2006
    Posts:
    224
    Firecat,

    Please note that I am not arguing against your assertion that F-Prot for Linux is very good. What is the basis for this statement?

    In the MS world, there are numerous AV product reviews, comparitives, tests, etc. that one can use to identify the "top performers". Since most of the virus signatures in Linux AV are actually Windows viruses (see my prior post), are you using Windows results for F-Prot as a surrogate for F-Prot for Linux?

    For linux-based AV scanners, the only comparison I've found is by the University of Hamburg and is a bit dated (2004-07) here:

    http://agn-www.informatik.uni-hamburg.de/vtc/

    F-Prot for Linux appears in the middle of the pack as it does for MS leaving me with the impression that it is, at the very least, a reasonable AV product for use with Linux (or Windows).

    Somewhat sobering was their assessment of Clam AV (CLA):

    "In addition, we regret to grade CLA and OAV into the class of "useless" products!

    Again, this is only one comparison and it is two years old.

    bktII
     
    bktII, Jul 16, 2006
    #28
  4. Inspector Clouseau

    Inspector Clouseau AV Expert

    Joined:
    Apr 2, 2006
    Posts:
    1,329
    Location:
    Maidenhead, UK
    CLA is mainly a web server / Email Server based Scanner. It will MOST LIKELY catch a lot of email worms but it pretty much sucks on a desktop version if you try to compare it with other AV solutions. What i'm going to say is putting CLA on your email server because you have nothing else or you don't want to spend money is quite ok, but using CLA as your primary Windows AV is a disaster. And if it isn't yet it will become one in a short time. You will notice that they produce "reasonable" false postives with signatures for the price of having "generic" Mytob Worm Signatures which are nothing else than a UPACK STUB signature! Means that every UPACK file got flagged as Mytob Worm - even the Packer itself! Then there is NO polymorphic detections except of a simple Parite.B detection. Meaning that polymorphic viruses (such as the Polipop recently) staying completely undetected and let alone more complex virues such as ZMist or ETAP.
     
    Inspector Clouseau, Jul 16, 2006
    #29
Page 2 of 2
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Accept Learn More...